Skip to main content

Avoid anyone with a signed url link to access the asset

Comments

2 comments

  • Danny Valentine
    Hey. Thanks for getting in touch.

    Signed URLs are great for ensuring that people can't create new transformations on-the-fly, such as taking an asset from your website/application and applying resizing and effects. Signed URLs aren't actually designed to prevent access to media assets outside of your site/app though. Anybody with the URL will be able to see that asset regardless of location, useragent, etc, and this is done by design.

    It sounds like what you're after is authenticated access via token or cookie based authentication, however this is only available to customers on one of our advanced plans. If you'd like to proceed with this, please  raise a support ticket and we can set up a conversation with an account manager.

    With regards to your second and third questions about providing time-limited access via signed_download_url, this is actually for downloading assets rather than displaying them, and as such, transformations can't be applied. To give a use-case example: a digital artist might have watermarked images displayed on their site in low quality using a strict transformation. If a user wanted to buy the image, the private download URL could be generate to provide the full-resolution, unwatermarked image.

    I hope this helps. Please let us know if you have any questions.

    Thanks,
    -Danny
    1
  • gStudio Team

    Got it, thanks for the answer!

    0

Post is closed for comments.